1 /* $NetBSD: smtp.c,v 1.12 2022/10/08 16:12:49 christos Exp $ */
2
3 /*++
4 /* NAME
5 /* smtp 8
6 /* SUMMARY
7 /* Postfix SMTP+LMTP client
8 /* SYNOPSIS
9 /* \fBsmtp\fR [generic Postfix daemon options] [flags=DORX]
10 /* DESCRIPTION
11 /* The Postfix SMTP+LMTP client implements the SMTP and LMTP mail
12 /* delivery protocols. It processes message delivery requests from
13 /* the queue manager. Each request specifies a queue file, a sender
14 /* address, a domain or host to deliver to, and recipient information.
15 /* This program expects to be run from the \fBmaster\fR(8) process
16 /* manager.
17 /*
18 /* The SMTP+LMTP client updates the queue file and marks recipients
19 /* as finished, or it informs the queue manager that delivery should
20 /* be tried again at a later time. Delivery status reports are sent
21 /* to the \fBbounce\fR(8), \fBdefer\fR(8) or \fBtrace\fR(8) daemon as
22 /* appropriate.
23 /*
24 /* The SMTP+LMTP client looks up a list of mail exchanger addresses for
25 /* the destination host, sorts the list by preference, and connects
26 /* to each listed address until it finds a server that responds.
27 /*
28 /* When a server is not reachable, or when mail delivery fails due
29 /* to a recoverable error condition, the SMTP+LMTP client will try to
30 /* deliver the mail to an alternate host.
31 /*
32 /* After a successful mail transaction, a connection may be saved
33 /* to the \fBscache\fR(8) connection cache server, so that it
34 /* may be used by any SMTP+LMTP client for a subsequent transaction.
35 /*
36 /* By default, connection caching is enabled temporarily for
37 /* destinations that have a high volume of mail in the active
38 /* queue. Connection caching can be enabled permanently for
39 /* specific destinations.
40 /* SMTP DESTINATION SYNTAX
41 /* .ad
42 /* .fi
43 /* The Postfix SMTP+LMTP client supports multiple destinations
44 /* separated by comma or whitespace (Postfix 3.5 and later).
45 /* SMTP destinations have the following form:
46 /* .IP \fIdomainname\fR
47 /* .IP \fIdomainname\fR:\fIport\fR
48 /* Look up the mail exchangers for the specified domain, and
49 /* connect to the specified port (default: \fBsmtp\fR).
50 /* .IP [\fIhostname\fR]
51 /* .IP [\fIhostname\fR]:\fIport\fR
52 /* Look up the address(es) of the specified host, and connect to
53 /* the specified port (default: \fBsmtp\fR).
54 /* .IP [\fIaddress\fR]
55 /* .IP [\fIaddress\fR]:\fIport\fR
56 /* Connect to the host at the specified address, and connect
57 /* to the specified port (default: \fBsmtp\fR). An IPv6 address
58 /* must be formatted as [\fBipv6\fR:\fIaddress\fR].
59 /* LMTP DESTINATION SYNTAX
60 /* .ad
61 /* .fi
62 /* The Postfix SMTP+LMTP client supports multiple destinations
63 /* separated by comma or whitespace (Postfix 3.5 and later).
64 /* LMTP destinations have the following form:
65 /* .IP \fBunix\fR:\fIpathname\fR
66 /* Connect to the local UNIX-domain server that is bound to the specified
67 /* \fIpathname\fR. If the process runs chrooted, an absolute pathname
68 /* is interpreted relative to the Postfix queue directory.
69 /* .IP \fBinet\fR:\fIhostname\fR
70 /* .IP \fBinet\fR:\fIhostname\fR:\fIport\fR
71 /* .IP \fBinet\fR:[\fIaddress\fR]
72 /* .IP \fBinet\fR:[\fIaddress\fR]:\fIport\fR
73 /* Connect to the specified TCP port on the specified local or
74 /* remote host. If no port is specified, connect to the port defined as
75 /* \fBlmtp\fR in \fBservices\fR(4).
76 /* If no such service is found, the \fBlmtp_tcp_port\fR configuration
77 /* parameter (default value of 24) will be used.
78 /* An IPv6 address must be formatted as [\fBipv6\fR:\fIaddress\fR].
79 /* SINGLE-RECIPIENT DELIVERY
80 /* .ad
81 /* .fi
82 /* By default, the Postfix SMTP+LMTP client delivers mail to
83 /* multiple recipients per delivery request. This is undesirable
84 /* when prepending a \fBDelivered-to:\fR or \fBX-Original-To:\fR
85 /* message header. To prevent Postfix from sending multiple
86 /* recipients per delivery request, specify
87 /* .sp
88 /* .nf
89 /* \fItransport\fB_destination_recipient_limit = 1\fR
90 /* .fi
91 /*
92 /* in the Postfix \fBmain.cf\fR file, where \fItransport\fR
93 /* is the name in the first column of the Postfix \fBmaster.cf\fR
94 /* entry for this mail delivery service.
95 /* COMMAND ATTRIBUTE SYNTAX
96 /* .ad
97 /* .fi
98 /* .IP "\fBflags=DORX\fR (optional)"
99 /* Optional message processing flags.
100 /* .RS
101 /* .IP \fBD\fR
102 /* Prepend a "\fBDelivered-To: \fIrecipient\fR" message header
103 /* with the envelope recipient address. Note: for this to work,
104 /* the \fItransport\fB_destination_recipient_limit\fR must be
105 /* 1 (see SINGLE-RECIPIENT DELIVERY above for details).
106 /* .sp
107 /* The \fBD\fR flag also enforces loop detection: if a message
108 /* already contains a \fBDelivered-To:\fR header with the same
109 /* recipient address, then the message is returned as
110 /* undeliverable. The address comparison is case insensitive.
111 /* .sp
112 /* This feature is available as of Postfix 3.5.
113 /* .IP \fBO\fR
114 /* Prepend an "\fBX-Original-To: \fIrecipient\fR" message
115 /* header with the recipient address as given to Postfix. Note:
116 /* for this to work, the
117 /* \fItransport\fB_destination_recipient_limit\fR must be 1
118 /* (see SINGLE-RECIPIENT DELIVERY above for details).
119 /* .sp
120 /* This feature is available as of Postfix 3.5.
121 /* .IP \fBR\fR
122 /* Prepend a "\fBReturn-Path: <\fIsender\fB>\fR" message header
123 /* with the envelope sender address.
124 /* .sp
125 /* This feature is available as of Postfix 3.5.
126 /* .IP \fBX\fR
127 /* Indicates that the delivery is final. This flag affects
128 /* the status reported in "success" DSN (delivery status
129 /* notification) messages, and changes it from "relayed" into
130 /* "delivered".
131 /* .sp
132 /* This feature is available as of Postfix 3.5.
133 /* .RE
134 /* SECURITY
135 /* The SMTP+LMTP client is moderately security-sensitive. It
136 /* talks to SMTP or LMTP servers and to DNS servers on the
137 /* network. The SMTP+LMTP client can be run chrooted at fixed
138 /* low privilege.
139 /* STANDARDS
140 /* RFC 821 (SMTP protocol)
141 /* RFC 822 (ARPA Internet Text Messages)
142 /* RFC 1651 (SMTP service extensions)
143 /* RFC 1652 (8bit-MIME transport)
144 /* RFC 1870 (Message Size Declaration)
145 /* RFC 2033 (LMTP protocol)
146 /* RFC 2034 (SMTP Enhanced Error Codes)
147 /* RFC 2045 (MIME: Format of Internet Message Bodies)
148 /* RFC 2046 (MIME: Media Types)
149 /* RFC 2554 (AUTH command)
150 /* RFC 2821 (SMTP protocol)
151 /* RFC 2920 (SMTP Pipelining)
152 /* RFC 3207 (STARTTLS command)
153 /* RFC 3461 (SMTP DSN Extension)
154 /* RFC 3463 (Enhanced Status Codes)
155 /* RFC 4954 (AUTH command)
156 /* RFC 5321 (SMTP protocol)
157 /* RFC 6531 (Internationalized SMTP)
158 /* RFC 6533 (Internationalized Delivery Status Notifications)
159 /* RFC 7672 (SMTP security via opportunistic DANE TLS)
160 /* DIAGNOSTICS
161 /* Problems and transactions are logged to \fBsyslogd\fR(8)
162 /* or \fBpostlogd\fR(8).
163 /* Corrupted message files are marked so that the queue manager can
164 /* move them to the \fBcorrupt\fR queue for further inspection.
165 /*
166 /* Depending on the setting of the \fBnotify_classes\fR parameter,
167 /* the postmaster is notified of bounces, protocol problems, and of
168 /* other trouble.
169 /* BUGS
170 /* SMTP and LMTP connection reuse for TLS (without closing the
171 /* SMTP or LMTP connection) is not supported before Postfix 3.4.
172 /*
173 /* SMTP and LMTP connection reuse assumes that SASL credentials
174 /* are valid for all destinations that map onto the same IP
175 /* address and TCP port.
176 /* CONFIGURATION PARAMETERS
177 /* .ad
178 /* .fi
179 /* Before Postfix version 2.3, the LMTP client is a separate
180 /* program that implements only a subset of the functionality
181 /* available with SMTP: there is no support for TLS, and
182 /* connections are cached in-process, making it ineffective
183 /* when the client is used for multiple domains.
184 /*
185 /* Most smtp_\fIxxx\fR configuration parameters have an
186 /* lmtp_\fIxxx\fR "mirror" parameter for the equivalent LMTP
187 /* feature. This document describes only those LMTP-related
188 /* parameters that aren't simply "mirror" parameters.
189 /*
190 /* Changes to \fBmain.cf\fR are picked up automatically, as \fBsmtp\fR(8)
191 /* processes run for only a limited amount of time. Use the command
192 /* "\fBpostfix reload\fR" to speed up a change.
193 /*
194 /* The text below provides only a parameter summary. See
195 /* \fBpostconf\fR(5) for more details including examples.
196 /* COMPATIBILITY CONTROLS
197 /* .ad
198 /* .fi
199 /* .IP "\fBignore_mx_lookup_error (no)\fR"
200 /* Ignore DNS MX lookups that produce no response.
201 /* .IP "\fBsmtp_always_send_ehlo (yes)\fR"
202 /* Always send EHLO at the start of an SMTP session.
203 /* .IP "\fBsmtp_never_send_ehlo (no)\fR"
204 /* Never send EHLO at the start of an SMTP session.
205 /* .IP "\fBsmtp_defer_if_no_mx_address_found (no)\fR"
206 /* Defer mail delivery when no MX record resolves to an IP address.
207 /* .IP "\fBsmtp_line_length_limit (998)\fR"
208 /* The maximal length of message header and body lines that Postfix
209 /* will send via SMTP.
210 /* .IP "\fBsmtp_pix_workaround_delay_time (10s)\fR"
211 /* How long the Postfix SMTP client pauses before sending
212 /* ".<CR><LF>" in order to work around the PIX firewall
213 /* "<CR><LF>.<CR><LF>" bug.
214 /* .IP "\fBsmtp_pix_workaround_threshold_time (500s)\fR"
215 /* How long a message must be queued before the Postfix SMTP client
216 /* turns on the PIX firewall "<CR><LF>.<CR><LF>"
217 /* bug workaround for delivery through firewalls with "smtp fixup"
218 /* mode turned on.
219 /* .IP "\fBsmtp_pix_workarounds (disable_esmtp, delay_dotcrlf)\fR"
220 /* A list that specifies zero or more workarounds for CISCO PIX
221 /* firewall bugs.
222 /* .IP "\fBsmtp_pix_workaround_maps (empty)\fR"
223 /* Lookup tables, indexed by the remote SMTP server address, with
224 /* per-destination workarounds for CISCO PIX firewall bugs.
225 /* .IP "\fBsmtp_quote_rfc821_envelope (yes)\fR"
226 /* Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands
227 /* as required
228 /* by RFC 5321.
229 /* .IP "\fBsmtp_reply_filter (empty)\fR"
230 /* A mechanism to transform replies from remote SMTP servers one
231 /* line at a time.
232 /* .IP "\fBsmtp_skip_5xx_greeting (yes)\fR"
233 /* Skip remote SMTP servers that greet with a 5XX status code.
234 /* .IP "\fBsmtp_skip_quit_response (yes)\fR"
235 /* Do not wait for the response to the SMTP QUIT command.
236 /* .PP
237 /* Available in Postfix version 2.0 and earlier:
238 /* .IP "\fBsmtp_skip_4xx_greeting (yes)\fR"
239 /* Skip SMTP servers that greet with a 4XX status code (go away, try
240 /* again later).
241 /* .PP
242 /* Available in Postfix version 2.2 and later:
243 /* .IP "\fBsmtp_discard_ehlo_keyword_address_maps (empty)\fR"
244 /* Lookup tables, indexed by the remote SMTP server address, with
245 /* case insensitive lists of EHLO keywords (pipelining, starttls, auth,
246 /* etc.) that the Postfix SMTP client will ignore in the EHLO response from a
247 /* remote SMTP server.
248 /* .IP "\fBsmtp_discard_ehlo_keywords (empty)\fR"
249 /* A case insensitive list of EHLO keywords (pipelining, starttls,
250 /* auth, etc.) that the Postfix SMTP client will ignore in the EHLO
251 /* response from a remote SMTP server.
252 /* .IP "\fBsmtp_generic_maps (empty)\fR"
253 /* Optional lookup tables that perform address rewriting in the
254 /* Postfix SMTP client, typically to transform a locally valid address into
255 /* a globally valid address when sending mail across the Internet.
256 /* .PP
257 /* Available in Postfix version 2.2.9 and later:
258 /* .IP "\fBsmtp_cname_overrides_servername (version dependent)\fR"
259 /* When the remote SMTP servername is a DNS CNAME, replace the
260 /* servername with the result from CNAME expansion for the purpose of
261 /* logging, SASL password lookup, TLS
262 /* policy decisions, or TLS certificate verification.
263 /* .PP
264 /* Available in Postfix version 2.3 and later:
265 /* .IP "\fBlmtp_discard_lhlo_keyword_address_maps (empty)\fR"
266 /* Lookup tables, indexed by the remote LMTP server address, with
267 /* case insensitive lists of LHLO keywords (pipelining, starttls,
268 /* auth, etc.) that the Postfix LMTP client will ignore in the LHLO
269 /* response
270 /* from a remote LMTP server.
271 /* .IP "\fBlmtp_discard_lhlo_keywords (empty)\fR"
272 /* A case insensitive list of LHLO keywords (pipelining, starttls,
273 /* auth, etc.) that the Postfix LMTP client will ignore in the LHLO
274 /* response
275 /* from a remote LMTP server.
276 /* .PP
277 /* Available in Postfix version 2.4.4 and later:
278 /* .IP "\fBsend_cyrus_sasl_authzid (no)\fR"
279 /* When authenticating to a remote SMTP or LMTP server with the
280 /* default setting "no", send no SASL authoriZation ID (authzid); send
281 /* only the SASL authentiCation ID (authcid) plus the authcid's password.
282 /* .PP
283 /* Available in Postfix version 2.5 and later:
284 /* .IP "\fBsmtp_header_checks (empty)\fR"
285 /* Restricted \fBheader_checks\fR(5) tables for the Postfix SMTP client.
286 /* .IP "\fBsmtp_mime_header_checks (empty)\fR"
287 /* Restricted \fBmime_header_checks\fR(5) tables for the Postfix SMTP
288 /* client.
289 /* .IP "\fBsmtp_nested_header_checks (empty)\fR"
290 /* Restricted \fBnested_header_checks\fR(5) tables for the Postfix SMTP
291 /* client.
292 /* .IP "\fBsmtp_body_checks (empty)\fR"
293 /* Restricted \fBbody_checks\fR(5) tables for the Postfix SMTP client.
294 /* .PP
295 /* Available in Postfix version 2.6 and later:
296 /* .IP "\fBtcp_windowsize (0)\fR"
297 /* An optional workaround for routers that break TCP window scaling.
298 /* .PP
299 /* Available in Postfix version 2.8 and later:
300 /* .IP "\fBsmtp_dns_resolver_options (empty)\fR"
301 /* DNS Resolver options for the Postfix SMTP client.
302 /* .PP
303 /* Available in Postfix version 2.9 - 3.6:
304 /* .IP "\fBsmtp_per_record_deadline (no)\fR"
305 /* Change the behavior of the smtp_*_timeout time limits, from a
306 /* time limit per read or write system call, to a time limit to send
307 /* or receive a complete record (an SMTP command line, SMTP response
308 /* line, SMTP message content line, or TLS protocol message).
309 /* .PP
310 /* Available in Postfix version 2.9 and later:
311 /* .IP "\fBsmtp_send_dummy_mail_auth (no)\fR"
312 /* Whether or not to append the "AUTH=<>" option to the MAIL
313 /* FROM command in SASL-authenticated SMTP sessions.
314 /* .PP
315 /* Available in Postfix version 2.11 and later:
316 /* .IP "\fBsmtp_dns_support_level (empty)\fR"
317 /* Level of DNS support in the Postfix SMTP client.
318 /* .PP
319 /* Available in Postfix version 3.0 and later:
320 /* .IP "\fBsmtp_delivery_status_filter ($default_delivery_status_filter)\fR"
321 /* Optional filter for the \fBsmtp\fR(8) delivery agent to change the
322 /* delivery status code or explanatory text of successful or unsuccessful
323 /* deliveries.
324 /* .IP "\fBsmtp_dns_reply_filter (empty)\fR"
325 /* Optional filter for Postfix SMTP client DNS lookup results.
326 /* .PP
327 /* Available in Postfix version 3.3 and later:
328 /* .IP "\fBsmtp_balance_inet_protocols (yes)\fR"
329 /* When a remote destination resolves to a combination of IPv4 and
330 /* IPv6 addresses, ensure that the Postfix SMTP client can try both
331 /* address types before it runs into the smtp_mx_address_limit.
332 /* .PP
333 /* Available in Postfix 3.5 and later:
334 /* .IP "\fBinfo_log_address_format (external)\fR"
335 /* The email address form that will be used in non-debug logging
336 /* (info, warning, etc.).
337 /* .PP
338 /* Available in Postfix 3.6 and later:
339 /* .IP "\fBdnssec_probe (ns:.)\fR"
340 /* The DNS query type (default: "ns") and DNS query name (default:
341 /* ".") that Postfix may use to determine whether DNSSEC validation
342 /* is available.
343 /* .IP "\fBknown_tcp_ports (lmtp=24, smtp=25, smtps=submissions=465, submission=587)\fR"
344 /* Optional setting that avoids lookups in the \fBservices\fR(5) database.
345 /* .PP
346 /* Available in Postfix version 3.7 and later:
347 /* .IP "\fBsmtp_per_request_deadline (no)\fR"
348 /* Change the behavior of the smtp_*_timeout time limits, from a
349 /* time limit per plaintext or TLS read or write call, to a combined
350 /* time limit for sending a complete SMTP request and for receiving a
351 /* complete SMTP response.
352 /* .IP "\fBsmtp_min_data_rate (500)\fR"
353 /* The minimum plaintext data transfer rate in bytes/second for
354 /* DATA requests, when deadlines are enabled with smtp_per_request_deadline.
355 /* .IP "\fBheader_from_format (standard)\fR"
356 /* The format of the Postfix-generated \fBFrom:\fR header.
357 /* MIME PROCESSING CONTROLS
358 /* .ad
359 /* .fi
360 /* Available in Postfix version 2.0 and later:
361 /* .IP "\fBdisable_mime_output_conversion (no)\fR"
362 /* Disable the conversion of 8BITMIME format to 7BIT format.
363 /* .IP "\fBmime_boundary_length_limit (2048)\fR"
364 /* The maximal length of MIME multipart boundary strings.
365 /* .IP "\fBmime_nesting_limit (100)\fR"
366 /* The maximal recursion level that the MIME processor will handle.
367 /* EXTERNAL CONTENT INSPECTION CONTROLS
368 /* .ad
369 /* .fi
370 /* Available in Postfix version 2.1 and later:
371 /* .IP "\fBsmtp_send_xforward_command (no)\fR"
372 /* Send the non-standard XFORWARD command when the Postfix SMTP server
373 /* EHLO response announces XFORWARD support.
374 /* SASL AUTHENTICATION CONTROLS
375 /* .ad
376 /* .fi
377 /* .IP "\fBsmtp_sasl_auth_enable (no)\fR"
378 /* Enable SASL authentication in the Postfix SMTP client.
379 /* .IP "\fBsmtp_sasl_password_maps (empty)\fR"
380 /* Optional Postfix SMTP client lookup tables with one username:password
381 /* entry per sender, remote hostname or next-hop domain.
382 /* .IP "\fBsmtp_sasl_security_options (noplaintext, noanonymous)\fR"
383 /* Postfix SMTP client SASL security options; as of Postfix 2.3
384 /* the list of available
385 /* features depends on the SASL client implementation that is selected
386 /* with \fBsmtp_sasl_type\fR.
387 /* .PP
388 /* Available in Postfix version 2.2 and later:
389 /* .IP "\fBsmtp_sasl_mechanism_filter (empty)\fR"
390 /* If non-empty, a Postfix SMTP client filter for the remote SMTP
391 /* server's list of offered SASL mechanisms.
392 /* .PP
393 /* Available in Postfix version 2.3 and later:
394 /* .IP "\fBsmtp_sender_dependent_authentication (no)\fR"
395 /* Enable sender-dependent authentication in the Postfix SMTP client; this is
396 /* available only with SASL authentication, and disables SMTP connection
397 /* caching to ensure that mail from different senders will use the
398 /* appropriate credentials.
399 /* .IP "\fBsmtp_sasl_path (empty)\fR"
400 /* Implementation-specific information that the Postfix SMTP client
401 /* passes through to
402 /* the SASL plug-in implementation that is selected with
403 /* \fBsmtp_sasl_type\fR.
404 /* .IP "\fBsmtp_sasl_type (cyrus)\fR"
405 /* The SASL plug-in type that the Postfix SMTP client should use
406 /* for authentication.
407 /* .PP
408 /* Available in Postfix version 2.5 and later:
409 /* .IP "\fBsmtp_sasl_auth_cache_name (empty)\fR"
410 /* An optional table to prevent repeated SASL authentication
411 /* failures with the same remote SMTP server hostname, username and
412 /* password.
413 /* .IP "\fBsmtp_sasl_auth_cache_time (90d)\fR"
414 /* The maximal age of an smtp_sasl_auth_cache_name entry before it
415 /* is removed.
416 /* .IP "\fBsmtp_sasl_auth_soft_bounce (yes)\fR"
417 /* When a remote SMTP server rejects a SASL authentication request
418 /* with a 535 reply code, defer mail delivery instead of returning
419 /* mail as undeliverable.
420 /* .PP
421 /* Available in Postfix version 2.9 and later:
422 /* .IP "\fBsmtp_send_dummy_mail_auth (no)\fR"
423 /* Whether or not to append the "AUTH=<>" option to the MAIL
424 /* FROM command in SASL-authenticated SMTP sessions.
425 /* STARTTLS SUPPORT CONTROLS
426 /* .ad
427 /* .fi
428 /* Detailed information about STARTTLS configuration may be found
429 /* in the TLS_README document.
430 /* .IP "\fBsmtp_tls_security_level (empty)\fR"
431 /* The default SMTP TLS security level for the Postfix SMTP client;
432 /* when a non-empty value is specified, this overrides the obsolete
433 /* parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername.
434 /* .IP "\fBsmtp_sasl_tls_security_options ($smtp_sasl_security_options)\fR"
435 /* The SASL authentication security options that the Postfix SMTP
436 /* client uses for TLS encrypted SMTP sessions.
437 /* .IP "\fBsmtp_starttls_timeout (300s)\fR"
438 /* Time limit for Postfix SMTP client write and read operations
439 /* during TLS startup and shutdown handshake procedures.
440 /* .IP "\fBsmtp_tls_CAfile (empty)\fR"
441 /* A file containing CA certificates of root CAs trusted to sign
442 /* either remote SMTP server certificates or intermediate CA certificates.
443 /* .IP "\fBsmtp_tls_CApath (empty)\fR"
444 /* Directory with PEM format Certification Authority certificates
445 /* that the Postfix SMTP client uses to verify a remote SMTP server
446 /* certificate.
447 /* .IP "\fBsmtp_tls_cert_file (empty)\fR"
448 /* File with the Postfix SMTP client RSA certificate in PEM format.
449 /* .IP "\fBsmtp_tls_mandatory_ciphers (medium)\fR"
450 /* The minimum TLS cipher grade that the Postfix SMTP client will
451 /* use with
452 /* mandatory TLS encryption.
453 /* .IP "\fBsmtp_tls_exclude_ciphers (empty)\fR"
454 /* List of ciphers or cipher types to exclude from the Postfix
455 /* SMTP client cipher
456 /* list at all TLS security levels.
457 /* .IP "\fBsmtp_tls_mandatory_exclude_ciphers (empty)\fR"
458 /* Additional list of ciphers or cipher types to exclude from the
459 /* Postfix SMTP client cipher list at mandatory TLS security levels.
460 /* .IP "\fBsmtp_tls_dcert_file (empty)\fR"
461 /* File with the Postfix SMTP client DSA certificate in PEM format.
462 /* .IP "\fBsmtp_tls_dkey_file ($smtp_tls_dcert_file)\fR"
463 /* File with the Postfix SMTP client DSA private key in PEM format.
464 /* .IP "\fBsmtp_tls_key_file ($smtp_tls_cert_file)\fR"
465 /* File with the Postfix SMTP client RSA private key in PEM format.
466 /* .IP "\fBsmtp_tls_loglevel (0)\fR"
467 /* Enable additional Postfix SMTP client logging of TLS activity.
468 /* .IP "\fBsmtp_tls_note_starttls_offer (no)\fR"
469 /* Log the hostname of a remote SMTP server that offers STARTTLS,
470 /* when TLS is not already enabled for that server.
471 /* .IP "\fBsmtp_tls_policy_maps (empty)\fR"
472 /* Optional lookup tables with the Postfix SMTP client TLS security
473 /* policy by next-hop destination; when a non-empty value is specified,
474 /* this overrides the obsolete smtp_tls_per_site parameter.
475 /* .IP "\fBsmtp_tls_mandatory_protocols (see 'postconf -d' output)\fR"
476 /* TLS protocols that the Postfix SMTP client will use with mandatory
477 /* TLS encryption.
478 /* .IP "\fBsmtp_tls_scert_verifydepth (9)\fR"
479 /* The verification depth for remote SMTP server certificates.
480 /* .IP "\fBsmtp_tls_secure_cert_match (nexthop, dot-nexthop)\fR"
481 /* How the Postfix SMTP client verifies the server certificate
482 /* peername for the "secure" TLS security level.
483 /* .IP "\fBsmtp_tls_session_cache_database (empty)\fR"
484 /* Name of the file containing the optional Postfix SMTP client
485 /* TLS session cache.
486 /* .IP "\fBsmtp_tls_session_cache_timeout (3600s)\fR"
487 /* The expiration time of Postfix SMTP client TLS session cache
488 /* information.
489 /* .IP "\fBsmtp_tls_verify_cert_match (hostname)\fR"
490 /* How the Postfix SMTP client verifies the server certificate
491 /* peername for the
492 /* "verify" TLS security level.
493 /* .IP "\fBtls_daemon_random_bytes (32)\fR"
494 /* The number of pseudo-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
495 /* process requests from the \fBtlsmgr\fR(8) server in order to seed its
496 /* internal pseudo random number generator (PRNG).
497 /* .IP "\fBtls_high_cipherlist (see 'postconf -d' output)\fR"
498 /* The OpenSSL cipherlist for "high" grade ciphers.
499 /* .IP "\fBtls_medium_cipherlist (see 'postconf -d' output)\fR"
500 /* The OpenSSL cipherlist for "medium" or higher grade ciphers.
501 /* .IP "\fBtls_low_cipherlist (see 'postconf -d' output)\fR"
502 /* The OpenSSL cipherlist for "low" or higher grade ciphers.
503 /* .IP "\fBtls_export_cipherlist (see 'postconf -d' output)\fR"
504 /* The OpenSSL cipherlist for "export" or higher grade ciphers.
505 /* .IP "\fBtls_null_cipherlist (eNULL:!aNULL)\fR"
506 /* The OpenSSL cipherlist for "NULL" grade ciphers that provide
507 /* authentication without encryption.
508 /* .PP
509 /* Available in Postfix version 2.4 and later:
510 /* .IP "\fBsmtp_sasl_tls_verified_security_options ($smtp_sasl_tls_security_options)\fR"
511 /* The SASL authentication security options that the Postfix SMTP
512 /* client uses for TLS encrypted SMTP sessions with a verified server
513 /* certificate.
514 /* .PP
515 /* Available in Postfix version 2.5 and later:
516 /* .IP "\fBsmtp_tls_fingerprint_cert_match (empty)\fR"
517 /* List of acceptable remote SMTP server certificate fingerprints for
518 /* the "fingerprint" TLS security level (\fBsmtp_tls_security_level\fR =
519 /* fingerprint).
520 /* .IP "\fBsmtp_tls_fingerprint_digest (see 'postconf -d' output)\fR"
521 /* The message digest algorithm used to construct remote SMTP server
522 /* certificate fingerprints.
523 /* .PP
524 /* Available in Postfix version 2.6 and later:
525 /* .IP "\fBsmtp_tls_protocols (see postconf -d output)\fR"
526 /* TLS protocols that the Postfix SMTP client will use with
527 /* opportunistic TLS encryption.
528 /* .IP "\fBsmtp_tls_ciphers (medium)\fR"
529 /* The minimum TLS cipher grade that the Postfix SMTP client
530 /* will use with opportunistic TLS encryption.
531 /* .IP "\fBsmtp_tls_eccert_file (empty)\fR"
532 /* File with the Postfix SMTP client ECDSA certificate in PEM format.
533 /* .IP "\fBsmtp_tls_eckey_file ($smtp_tls_eccert_file)\fR"
534 /* File with the Postfix SMTP client ECDSA private key in PEM format.
535 /* .PP
536 /* Available in Postfix version 2.7 and later:
537 /* .IP "\fBsmtp_tls_block_early_mail_reply (no)\fR"
538 /* Try to detect a mail hijacking attack based on a TLS protocol
539 /* vulnerability (CVE-2009-3555), where an attacker prepends malicious
540 /* HELO, MAIL, RCPT, DATA commands to a Postfix SMTP client TLS session.
541 /* .PP
542 /* Available in Postfix version 2.8 and later:
543 /* .IP "\fBtls_disable_workarounds (see 'postconf -d' output)\fR"
544 /* List or bit-mask of OpenSSL bug work-arounds to disable.
545 /* .PP
546 /* Available in Postfix version 2.11-3.1:
547 /* .IP "\fBtls_dane_digest_agility (on)\fR"
548 /* Configure RFC7671 DANE TLSA digest algorithm agility.
549 /* .IP "\fBtls_dane_trust_anchor_digest_enable (yes)\fR"
550 /* Enable support for RFC 6698 (DANE TLSA) DNS records that contain
551 /* digests of trust-anchors with certificate usage "2".
552 /* .PP
553 /* Available in Postfix version 2.11 and later:
554 /* .IP "\fBsmtp_tls_trust_anchor_file (empty)\fR"
555 /* Zero or more PEM-format files with trust-anchor certificates
556 /* and/or public keys.
557 /* .IP "\fBsmtp_tls_force_insecure_host_tlsa_lookup (no)\fR"
558 /* Lookup the associated DANE TLSA RRset even when a hostname is
559 /* not an alias and its address records lie in an unsigned zone.
560 /* .IP "\fBtlsmgr_service_name (tlsmgr)\fR"
561 /* The name of the \fBtlsmgr\fR(8) service entry in master.cf.
562 /* .PP
563 /* Available in Postfix version 3.0 and later:
564 /* .IP "\fBsmtp_tls_wrappermode (no)\fR"
565 /* Request that the Postfix SMTP client connects using the
566 /* legacy SMTPS protocol instead of using the STARTTLS command.
567 /* .PP
568 /* Available in Postfix version 3.1 and later:
569 /* .IP "\fBsmtp_tls_dane_insecure_mx_policy (see 'postconf -d' output)\fR"
570 /* The TLS policy for MX hosts with "secure" TLSA records when the
571 /* nexthop destination security level is \fBdane\fR, but the MX
572 /* record was found via an "insecure" MX lookup.
573 /* .PP
574 /* Available in Postfix version 3.4 and later:
575 /* .IP "\fBsmtp_tls_connection_reuse (no)\fR"
576 /* Try to make multiple deliveries per TLS-encrypted connection.
577 /* .IP "\fBsmtp_tls_chain_files (empty)\fR"
578 /* List of one or more PEM files, each holding one or more private keys
579 /* directly followed by a corresponding certificate chain.
580 /* .IP "\fBsmtp_tls_servername (empty)\fR"
581 /* Optional name to send to the remote SMTP server in the TLS Server
582 /* Name Indication (SNI) extension.
583 /* .PP
584 /* Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
585 /* .IP "\fBtls_fast_shutdown_enable (yes)\fR"
586 /* A workaround for implementations that hang Postfix while shutting
587 /* down a TLS session, until Postfix times out.
588 /* OBSOLETE STARTTLS CONTROLS
589 /* .ad
590 /* .fi
591 /* The following configuration parameters exist for compatibility
592 /* with Postfix versions before 2.3. Support for these will
593 /* be removed in a future release.
594 /* .IP "\fBsmtp_use_tls (no)\fR"
595 /* Opportunistic mode: use TLS when a remote SMTP server announces
596 /* STARTTLS support, otherwise send the mail in the clear.
597 /* .IP "\fBsmtp_enforce_tls (no)\fR"
598 /* Enforcement mode: require that remote SMTP servers use TLS
599 /* encryption, and never send mail in the clear.
600 /* .IP "\fBsmtp_tls_enforce_peername (yes)\fR"
601 /* With mandatory TLS encryption, require that the remote SMTP
602 /* server hostname matches the information in the remote SMTP server
603 /* certificate.
604 /* .IP "\fBsmtp_tls_per_site (empty)\fR"
605 /* Optional lookup tables with the Postfix SMTP client TLS usage
606 /* policy by next-hop destination and by remote SMTP server hostname.
607 /* .IP "\fBsmtp_tls_cipherlist (empty)\fR"
608 /* Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS
609 /* cipher list.
610 /* RESOURCE AND RATE CONTROLS
611 /* .ad
612 /* .fi
613 /* .IP "\fBsmtp_connect_timeout (30s)\fR"
614 /* The Postfix SMTP client time limit for completing a TCP connection, or
615 /* zero (use the operating system built-in time limit).
616 /* .IP "\fBsmtp_helo_timeout (300s)\fR"
617 /* The Postfix SMTP client time limit for sending the HELO or EHLO command,
618 /* and for receiving the initial remote SMTP server response.
619 /* .IP "\fBlmtp_lhlo_timeout (300s)\fR"
620 /* The Postfix LMTP client time limit for sending the LHLO command,
621 /* and for receiving the initial remote LMTP server response.
622 /* .IP "\fBsmtp_xforward_timeout (300s)\fR"
623 /* The Postfix SMTP client time limit for sending the XFORWARD command,
624 /* and for receiving the remote SMTP server response.
625 /* .IP "\fBsmtp_mail_timeout (300s)\fR"
626 /* The Postfix SMTP client time limit for sending the MAIL FROM command,
627 /* and for receiving the remote SMTP server response.
628 /* .IP "\fBsmtp_rcpt_timeout (300s)\fR"
629 /* The Postfix SMTP client time limit for sending the SMTP RCPT TO
630 /* command, and for receiving the remote SMTP server response.
631 /* .IP "\fBsmtp_data_init_timeout (120s)\fR"
632 /* The Postfix SMTP client time limit for sending the SMTP DATA command,
633 /* and for receiving the remote SMTP server response.
634 /* .IP "\fBsmtp_data_xfer_timeout (180s)\fR"
635 /* The Postfix SMTP client time limit for sending the SMTP message content.
636 /* .IP "\fBsmtp_data_done_timeout (600s)\fR"
637 /* The Postfix SMTP client time limit for sending the SMTP ".", and
638 /* for receiving the remote SMTP server response.
639 /* .IP "\fBsmtp_quit_timeout (300s)\fR"
640 /* The Postfix SMTP client time limit for sending the QUIT command,
641 /* and for receiving the remote SMTP server response.
642 /* .PP
643 /* Available in Postfix version 2.1 and later:
644 /* .IP "\fBsmtp_mx_address_limit (5)\fR"
645 /* The maximal number of MX (mail exchanger) IP addresses that can
646 /* result from Postfix SMTP client mail exchanger lookups, or zero (no
647 /* limit).
648 /* .IP "\fBsmtp_mx_session_limit (2)\fR"
649 /* The maximal number of SMTP sessions per delivery request before
650 /* the Postfix SMTP client
651 /* gives up or delivers to a fall-back relay host, or zero (no
652 /* limit).
653 /* .IP "\fBsmtp_rset_timeout (20s)\fR"
654 /* The Postfix SMTP client time limit for sending the RSET command,
655 /* and for receiving the remote SMTP server response.
656 /* .PP
657 /* Available in Postfix version 2.2 and earlier:
658 /* .IP "\fBlmtp_cache_connection (yes)\fR"
659 /* Keep Postfix LMTP client connections open for up to $max_idle
660 /* seconds.
661 /* .PP
662 /* Available in Postfix version 2.2 and later:
663 /* .IP "\fBsmtp_connection_cache_destinations (empty)\fR"
664 /* Permanently enable SMTP connection caching for the specified
665 /* destinations.
666 /* .IP "\fBsmtp_connection_cache_on_demand (yes)\fR"
667 /* Temporarily enable SMTP connection caching while a destination
668 /* has a high volume of mail in the active queue.
669 /* .IP "\fBsmtp_connection_reuse_time_limit (300s)\fR"
670 /* The amount of time during which Postfix will use an SMTP
671 /* connection repeatedly.
672 /* .IP "\fBsmtp_connection_cache_time_limit (2s)\fR"
673 /* When SMTP connection caching is enabled, the amount of time that
674 /* an unused SMTP client socket is kept open before it is closed.
675 /* .PP
676 /* Available in Postfix version 2.3 and later:
677 /* .IP "\fBconnection_cache_protocol_timeout (5s)\fR"
678 /* Time limit for connection cache connect, send or receive
679 /* operations.
680 /* .PP
681 /* Available in Postfix version 2.9 - 3.6:
682 /* .IP "\fBsmtp_per_record_deadline (no)\fR"
683 /* Change the behavior of the smtp_*_timeout time limits, from a
684 /* time limit per read or write system call, to a time limit to send
685 /* or receive a complete record (an SMTP command line, SMTP response
686 /* line, SMTP message content line, or TLS protocol message).
687 /* .PP
688 /* Available in Postfix version 2.11 and later:
689 /* .IP "\fBsmtp_connection_reuse_count_limit (0)\fR"
690 /* When SMTP connection caching is enabled, the number of times
691 /* that an SMTP session may be reused before it is closed, or zero (no
692 /* limit).
693 /* .PP
694 /* Available in Postfix version 3.4 and later:
695 /* .IP "\fBsmtp_tls_connection_reuse (no)\fR"
696 /* Try to make multiple deliveries per TLS-encrypted connection.
697 /* .PP
698 /* Available in Postfix version 3.7 and later:
699 /* .IP "\fBsmtp_per_request_deadline (no)\fR"
700 /* Change the behavior of the smtp_*_timeout time limits, from a
701 /* time limit per plaintext or TLS read or write call, to a combined
702 /* time limit for sending a complete SMTP request and for receiving a
703 /* complete SMTP response.
704 /* .IP "\fBsmtp_min_data_rate (500)\fR"
705 /* The minimum plaintext data transfer rate in bytes/second for
706 /* DATA requests, when deadlines are enabled with smtp_per_request_deadline.
707 /* .PP
708 /* Implemented in the qmgr(8) daemon:
709 /* .IP "\fBtransport_destination_concurrency_limit ($default_destination_concurrency_limit)\fR"
710 /* A transport-specific override for the
711 /* default_destination_concurrency_limit parameter value, where
712 /* \fItransport\fR is the master.cf name of the message delivery
713 /* transport.
714 /* .IP "\fBtransport_destination_recipient_limit ($default_destination_recipient_limit)\fR"
715 /* A transport-specific override for the
716 /* default_destination_recipient_limit parameter value, where
717 /* \fItransport\fR is the master.cf name of the message delivery
718 /* transport.
719 /* SMTPUTF8 CONTROLS
720 /* .ad
721 /* .fi
722 /* Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
723 /* .IP "\fBsmtputf8_enable (yes)\fR"
724 /* Enable preliminary SMTPUTF8 support for the protocols described
725 /* in RFC 6531..6533.
726 /* .IP "\fBsmtputf8_autodetect_classes (sendmail, verify)\fR"
727 /* Detect that a message requires SMTPUTF8 support for the specified
728 /* mail origin classes.
729 /* .PP
730 /* Available in Postfix version 3.2 and later:
731 /* .IP "\fBenable_idna2003_compatibility (no)\fR"
732 /* Enable 'transitional' compatibility between IDNA2003 and IDNA2008,
733 /* when converting UTF-8 domain names to/from the ASCII form that is
734 /* used for DNS lookups.
735 /* TROUBLE SHOOTING CONTROLS
736 /* .ad
737 /* .fi
738 /* .IP "\fBdebug_peer_level (2)\fR"
739 /* The increment in verbose logging level when a nexthop destination,
740 /* remote client or server name or network address matches a pattern
741 /* given with the debug_peer_list parameter.
742 /* .IP "\fBdebug_peer_list (empty)\fR"
743 /* Optional list of nexthop destination, remote client or server
744 /* name or network address patterns that, if matched, cause the verbose
745 /* logging level to increase by the amount specified in $debug_peer_level.
746 /* .IP "\fBerror_notice_recipient (postmaster)\fR"
747 /* The recipient of postmaster notifications about mail delivery
748 /* problems that are caused by policy, resource, software or protocol
749 /* errors.
750 /* .IP "\fBinternal_mail_filter_classes (empty)\fR"
751 /* What categories of Postfix-generated mail are subject to
752 /* before-queue content inspection by non_smtpd_milters, header_checks
753 /* and body_checks.
754 /* .IP "\fBnotify_classes (resource, software)\fR"
755 /* The list of error classes that are reported to the postmaster.
756 /* MISCELLANEOUS CONTROLS
757 /* .ad
758 /* .fi
759 /* .IP "\fBbest_mx_transport (empty)\fR"
760 /* Where the Postfix SMTP client should deliver mail when it detects
761 /* a "mail loops back to myself" error condition.
762 /* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
763 /* The default location of the Postfix main.cf and master.cf
764 /* configuration files.
765 /* .IP "\fBdaemon_timeout (18000s)\fR"
766 /* How much time a Postfix daemon process may take to handle a
767 /* request before it is terminated by a built-in watchdog timer.
768 /* .IP "\fBdelay_logging_resolution_limit (2)\fR"
769 /* The maximal number of digits after the decimal point when logging
770 /* sub-second delay values.
771 /* .IP "\fBdisable_dns_lookups (no)\fR"
772 /* Disable DNS lookups in the Postfix SMTP and LMTP clients.
773 /* .IP "\fBinet_interfaces (all)\fR"
774 /* The network interface addresses that this mail system receives
775 /* mail on.
776 /* .IP "\fBinet_protocols (see 'postconf -d output')\fR"
777 /* The Internet protocols Postfix will attempt to use when making
778 /* or accepting connections.
779 /* .IP "\fBipc_timeout (3600s)\fR"
780 /* The time limit for sending or receiving information over an internal
781 /* communication channel.
782 /* .IP "\fBlmtp_assume_final (no)\fR"
783 /* When a remote LMTP server announces no DSN support, assume that
784 /* the
785 /* server performs final delivery, and send "delivered" delivery status
786 /* notifications instead of "relayed".
787 /* .IP "\fBlmtp_tcp_port (24)\fR"
788 /* The default TCP port that the Postfix LMTP client connects to.
789 /* .IP "\fBmax_idle (100s)\fR"
790 /* The maximum amount of time that an idle Postfix daemon process waits
791 /* for an incoming connection before terminating voluntarily.
792 /* .IP "\fBmax_use (100)\fR"
793 /* The maximal number of incoming connections that a Postfix daemon
794 /* process will service before terminating voluntarily.
795 /* .IP "\fBprocess_id (read-only)\fR"
796 /* The process ID of a Postfix command or daemon process.
797 /* .IP "\fBprocess_name (read-only)\fR"
798 /* The process name of a Postfix command or daemon process.
799 /* .IP "\fBproxy_interfaces (empty)\fR"
800 /* The network interface addresses that this mail system receives mail
801 /* on by way of a proxy or network address translation unit.
802 /* .IP "\fBsmtp_address_preference (any)\fR"
803 /* The address type ("ipv6", "ipv4" or "any") that the Postfix
804 /* SMTP client will try first, when a destination has IPv6 and IPv4
805 /* addresses with equal MX preference.
806 /* .IP "\fBsmtp_bind_address (empty)\fR"
807 /* An optional numerical network address that the Postfix SMTP client
808 /* should bind to when making an IPv4 connection.
809 /* .IP "\fBsmtp_bind_address6 (empty)\fR"
810 /* An optional numerical network address that the Postfix SMTP client
811 /* should bind to when making an IPv6 connection.
812 /* .IP "\fBsmtp_helo_name ($myhostname)\fR"
813 /* The hostname to send in the SMTP HELO or EHLO command.
814 /* .IP "\fBlmtp_lhlo_name ($myhostname)\fR"
815 /* The hostname to send in the LMTP LHLO command.
816 /* .IP "\fBsmtp_host_lookup (dns)\fR"
817 /* What mechanisms the Postfix SMTP client uses to look up a host's
818 /* IP address.
819 /* .IP "\fBsmtp_randomize_addresses (yes)\fR"
820 /* Randomize the order of equal-preference MX host addresses.
821 /* .IP "\fBsyslog_facility (mail)\fR"
822 /* The syslog facility of Postfix logging.
823 /* .IP "\fBsyslog_name (see 'postconf -d' output)\fR"
824 /* A prefix that is prepended to the process name in syslog
825 /* records, so that, for example, "smtpd" becomes "prefix/smtpd".
826 /* .PP
827 /* Available with Postfix 2.2 and earlier:
828 /* .IP "\fBfallback_relay (empty)\fR"
829 /* Optional list of relay hosts for SMTP destinations that can't be
830 /* found or that are unreachable.
831 /* .PP
832 /* Available with Postfix 2.3 and later:
833 /* .IP "\fBsmtp_fallback_relay ($fallback_relay)\fR"
834 /* Optional list of relay hosts for SMTP destinations that can't be
835 /* found or that are unreachable.
836 /* .PP
837 /* Available with Postfix 3.0 and later:
838 /* .IP "\fBsmtp_address_verify_target (rcpt)\fR"
839 /* In the context of email address verification, the SMTP protocol
840 /* stage that determines whether an email address is deliverable.
841 /* .PP
842 /* Available with Postfix 3.1 and later:
843 /* .IP "\fBlmtp_fallback_relay (empty)\fR"
844 /* Optional list of relay hosts for LMTP destinations that can't be
845 /* found or that are unreachable.
846 /* .PP
847 /* Available with Postfix 3.2 and later:
848 /* .IP "\fBsmtp_tcp_port (smtp)\fR"
849 /* The default TCP port that the Postfix SMTP client connects to.
850 /* .PP
851 /* Available in Postfix 3.3 and later:
852 /* .IP "\fBservice_name (read-only)\fR"
853 /* The master.cf service name of a Postfix daemon process.
854 /* .PP
855 /* Available in Postfix 3.7 and later:
856 /* .IP "\fBsmtp_bind_address_enforce (no)\fR"
857 /* Defer delivery when the Postfix SMTP client cannot apply the
858 /* smtp_bind_address or smtp_bind_address6 setting.
859 /* SEE ALSO
860 /* generic(5), output address rewriting
861 /* header_checks(5), message header content inspection
862 /* body_checks(5), body parts content inspection
863 /* qmgr(8), queue manager
864 /* bounce(8), delivery status reports
865 /* scache(8), connection cache server
866 /* postconf(5), configuration parameters
867 /* master(5), generic daemon options
868 /* master(8), process manager
869 /* tlsmgr(8), TLS session and PRNG management
870 /* postlogd(8), Postfix logging
871 /* syslogd(8), system logging
872 /* README FILES
873 /* .ad
874 /* .fi
875 /* Use "\fBpostconf readme_directory\fR" or
876 /* "\fBpostconf html_directory\fR" to locate this information.
877 /* .na
878 /* .nf
879 /* SASL_README, Postfix SASL howto
880 /* TLS_README, Postfix STARTTLS howto
881 /* LICENSE
882 /* .ad
883 /* .fi
884 /* The Secure Mailer license must be distributed with this software.
885 /* AUTHOR(S)
886 /* Wietse Venema
887 /* IBM T.J. Watson Research
888 /* P.O. Box 704
889 /* Yorktown Heights, NY 10598, USA
890 /*
891 /* Wietse Venema
892 /* Google, Inc.
893 /* 111 8th Avenue
894 /* New York, NY 10011, USA
895 /*
896 /* Command pipelining in cooperation with:
897 /* Jon Ribbens
898 /* Oaktree Internet Solutions Ltd.,
899 /* Internet House,
900 /* Canal Basin,
901 /* Coventry,
902 /* CV1 4LY, United Kingdom.
903 /*
904 /* SASL support originally by:
905 /* Till Franke
906 /* SuSE Rhein/Main AG
907 /* 65760 Eschborn, Germany
908 /*
909 /* TLS support originally by:
910 /* Lutz Jaenicke
911 /* BTU Cottbus
912 /* Allgemeine Elektrotechnik
913 /* Universitaetsplatz 3-4
914 /* D-03044 Cottbus, Germany
915 /*
916 /* Revised TLS and SMTP connection cache support by:
917 /* Victor Duchovni
918 /* Morgan Stanley
919 /*--*/
920
921 /* System library. */
922
923 #include <sys_defs.h>
924 #include <unistd.h>
925 #include <stdlib.h>
926 #include <string.h>
927 #include <fcntl.h>
928 #include <dict.h>
929 #include <stringops.h>
930
931 /* Utility library. */
932
933 #include <msg.h>
934 #include <mymalloc.h>
935 #include <name_mask.h>
936 #include <name_code.h>
937 #include <byte_mask.h>
938
939 /* Global library. */
940
941 #include <deliver_request.h>
942 #include <delivered_hdr.h>
943 #include <mail_proto.h>
944 #include <mail_params.h>
945 #include <mail_version.h>
946 #include <mail_conf.h>
947 #include <debug_peer.h>
948 #include <flush_clnt.h>
949 #include <scache.h>
950 #include <string_list.h>
951 #include <maps.h>
952 #include <ext_prop.h>
953 #include <hfrom_format.h>
954
955 /* DNS library. */
956
957 #include <dns.h>
958
959 /* Single server skeleton. */
960
961 #include <mail_server.h>
962
963 /* Application-specific. */
964
965 #include "smtp.h"
966 #include "smtp_sasl.h"
967
968 /*
969 * Tunable parameters. These have compiled-in defaults that can be overruled
970 * by settings in the global Postfix configuration file.
971 */
972 int var_smtp_conn_tmout;
973 int var_smtp_helo_tmout;
974 int var_smtp_xfwd_tmout;
975 int var_smtp_mail_tmout;
976 int var_smtp_rcpt_tmout;
977 int var_smtp_data0_tmout;
978 int var_smtp_data1_tmout;
979 int var_smtp_data2_tmout;
980 int var_smtp_rset_tmout;
981 int var_smtp_quit_tmout;
982 char *var_notify_classes;
983 int var_smtp_skip_5xx_greeting;
984 int var_ign_mx_lookup_err;
985 int var_skip_quit_resp;
986 char *var_fallback_relay;
987 char *var_bestmx_transp;
988 char *var_error_rcpt;
989 int var_smtp_always_ehlo;
990 int var_smtp_never_ehlo;
991 char *var_smtp_sasl_opts;
992 char *var_smtp_sasl_path;
993 char *var_smtp_sasl_passwd;
994 bool var_smtp_sasl_enable;
995 char *var_smtp_sasl_mechs;
996 char *var_smtp_sasl_type;
997 char *var_smtp_bind_addr;
998 char *var_smtp_bind_addr6;
999 char *var_smtp_vrfy_tgt;
1000 bool var_smtp_rand_addr;
1001 int var_smtp_pix_thresh;
1002 int var_queue_run_delay;
1003 int var_min_backoff_time;
1004 int var_smtp_pix_delay;
1005 int var_smtp_line_limit;
1006 char *var_smtp_helo_name;
1007 char *var_smtp_host_lookup;
1008 bool var_smtp_quote_821_env;
1009 bool var_smtp_defer_mxaddr;
1010 bool var_smtp_send_xforward;
1011 int var_smtp_mxaddr_limit;
1012 int var_smtp_mxsess_limit;
1013 int var_smtp_cache_conn;
1014 int var_smtp_reuse_time;
1015 int var_smtp_reuse_count;
1016 char *var_smtp_cache_dest;
1017 char *var_scache_service; /* You can now leave this here. */
1018 bool var_smtp_cache_demand;
1019 char *var_smtp_ehlo_dis_words;
1020 char *var_smtp_ehlo_dis_maps;
1021 char *var_smtp_addr_pref;
1022
1023 char *var_smtp_tls_level;
1024 bool var_smtp_use_tls;
1025 bool var_smtp_enforce_tls;
1026 char *var_smtp_tls_per_site;
1027 char *var_smtp_tls_policy;
1028 bool var_smtp_tls_wrappermode;
1029 bool var_smtp_tls_conn_reuse;
1030 char *var_tlsproxy_service;
1031
1032 #ifdef USE_TLS
1033 char *var_smtp_sasl_tls_opts;
1034 char *var_smtp_sasl_tlsv_opts;
1035 int var_smtp_starttls_tmout;
1036 char *var_smtp_tls_CAfile;
1037 char *var_smtp_tls_CApath;
1038 char *var_smtp_tls_chain_files;
1039 char *var_smtp_tls_cert_file;
1040 char *var_smtp_tls_mand_ciph;
1041 char *var_smtp_tls_excl_ciph;
1042 char *var_smtp_tls_mand_excl;
1043 char *var_smtp_tls_dcert_file;
1044 char *var_smtp_tls_dkey_file;
1045 bool var_smtp_tls_enforce_peername;
1046 char *var_smtp_tls_key_file;
1047 char *var_smtp_tls_loglevel;
1048 bool var_smtp_tls_note_starttls_offer;
1049 char *var_smtp_tls_mand_proto;
1050 char *var_smtp_tls_sec_cmatch;
1051 int var_smtp_tls_scert_vd;
1052 char *var_smtp_tls_vfy_cmatch;
1053 char *var_smtp_tls_fpt_cmatch;
1054 char *var_smtp_tls_fpt_dgst;
1055 char *var_smtp_tls_tafile;
1056 char *var_smtp_tls_proto;
1057 char *var_smtp_tls_ciph;
1058 char *var_smtp_tls_eccert_file;
1059 char *var_smtp_tls_eckey_file;
1060 char *var_smtp_tls_sni;
1061 bool var_smtp_tls_blk_early_mail_reply;
1062 bool var_smtp_tls_force_tlsa;
1063 char *var_smtp_tls_insecure_mx_policy;
1064
1065 #endif
1066
1067 char *var_smtp_generic_maps;
1068 char *var_prop_extension;
1069 bool var_smtp_sender_auth;
1070 char *var_smtp_tcp_port;
1071 int var_scache_proto_tmout;
1072 bool var_smtp_cname_overr;
1073 char *var_smtp_pix_bug_words;
1074 char *var_smtp_pix_bug_maps;
1075 char *var_cyrus_conf_path;
1076 char *var_smtp_head_chks;
1077 char *var_smtp_mime_chks;
1078 char *var_smtp_nest_chks;
1079 char *var_smtp_body_chks;
1080 char *var_smtp_resp_filter;
1081 bool var_lmtp_assume_final;
1082 char *var_smtp_dns_res_opt;
1083 char *var_smtp_dns_support;
1084 bool var_smtp_dummy_mail_auth;
1085 char *var_smtp_dsn_filter;
1086 char *var_smtp_dns_re_filter;
1087 bool var_smtp_balance_inet_proto;
1088 bool var_smtp_req_deadline;
1089 int var_smtp_min_data_rate;
1090
1091 /* Special handling of 535 AUTH errors. */
1092 char *var_smtp_sasl_auth_cache_name;
1093 int var_smtp_sasl_auth_cache_time;
1094 bool var_smtp_sasl_auth_soft_bounce;
1095
1096 char *var_hfrom_format;
1097 bool var_smtp_bind_addr_enforce;
1098
1099 /*
1100 * Global variables.
1101 */
1102 int smtp_mode;
1103 int smtp_host_lookup_mask;
1104 int smtp_dns_support;
1105 STRING_LIST *smtp_cache_dest;
1106 SCACHE *smtp_scache;
1107 MAPS *smtp_ehlo_dis_maps;
1108 MAPS *smtp_generic_maps;
1109 int smtp_ext_prop_mask;
1110 unsigned smtp_dns_res_opt;
1111 MAPS *smtp_pix_bug_maps;
1112 HBC_CHECKS *smtp_header_checks; /* limited header checks */
1113 HBC_CHECKS *smtp_body_checks; /* limited body checks */
1114 SMTP_CLI_ATTR smtp_cli_attr; /* parsed command-line */
1115 int smtp_hfrom_format; /* postmaster notifications */
1116
1117 #ifdef USE_TLS
1118
1119 /*
1120 * OpenSSL client state (opaque handle)
1121 */
1122 TLS_APPL_STATE *smtp_tls_ctx;
1123 int smtp_tls_insecure_mx_policy;
1124
1125 #endif
1126
1127 /*
1128 * IPv6 preference.
1129 */
1130 static int smtp_addr_pref;
1131
1132 /* get_cli_attr - get command-line attributes */
1133
get_cli_attr(SMTP_CLI_ATTR * attr,char ** argv)1134 static void get_cli_attr(SMTP_CLI_ATTR *attr, char **argv)
1135 {
1136 const char myname[] = "get_cli_attr";
1137 const char *last_flags = "flags="; /* i.e. empty */
1138 static const BYTE_MASK flags_map[] = {
1139 'D', SMTP_CLI_FLAG_DELIVERED_TO,
1140 'O', SMTP_CLI_FLAG_ORIG_RCPT,
1141 'R', SMTP_CLI_FLAG_RETURN_PATH,
1142 'X', SMTP_CLI_FLAG_FINAL_DELIVERY,
1143 0,
1144 };
1145
1146 /*
1147 * Initialize.
1148 */
1149 attr->flags = 0;
1150
1151 /*
1152 * Iterate over the command-line attribute list. Errors are fatal.
1153 */
1154 for ( /* void */ ; *argv != 0; argv++) {
1155
1156 /*
1157 * flags=stuff. Errors are fatal.
1158 */
1159 if (strncasecmp("flags=", *argv, sizeof("flags=") - 1) == 0) {
1160 last_flags = *argv;
1161 if (msg_verbose)
1162 msg_info("%s: %s", myname, last_flags);
1163 attr->flags = byte_mask(*argv, flags_map,
1164 *argv + sizeof("flags=") - 1);
1165 }
1166
1167 /*
1168 * Bad.
1169 */
1170 else
1171 msg_fatal("unknown attribute name: %s", *argv);
1172 }
1173
1174 /*
1175 * Backwards compatibility, redundancy, and obsolescence.
1176 */
1177 if (!smtp_mode && var_lmtp_assume_final
1178 && (attr->flags & SMTP_CLI_FLAG_FINAL_DELIVERY) == 0) {
1179 attr->flags |= SMTP_CLI_FLAG_FINAL_DELIVERY;
1180 msg_warn("%s is obsolete; instead, specify \"%sX\" in %s",
1181 VAR_LMTP_ASSUME_FINAL, last_flags, MASTER_CONF_FILE);
1182 }
1183 }
1184
1185 /* deliver_message - deliver message with extreme prejudice */
1186
deliver_message(const char * service,DELIVER_REQUEST * request)1187 static int deliver_message(const char *service, DELIVER_REQUEST *request)
1188 {
1189 SMTP_STATE *state;
1190 int result;
1191
1192 if (msg_verbose)
1193 msg_info("deliver_message: from %s", request->sender);
1194
1195 /*
1196 * Sanity checks. The smtp server is unprivileged and chrooted, so we can
1197 * afford to distribute the data censoring code, instead of having it all
1198 * in one place.
1199 */
1200 if (request->nexthop[0] == 0)
1201 msg_fatal("empty nexthop hostname");
1202 if (request->rcpt_list.len <= 0)
1203 msg_fatal("recipient count: %d", request->rcpt_list.len);
1204
1205 /*
1206 * D flag checks.
1207 */
1208 if (smtp_cli_attr.flags & SMTP_CLI_FLAG_DELIVERED_TO) {
1209
1210 /*
1211 * The D flag cannot be specified for multi-recipient deliveries.
1212 */
1213 if (request->rcpt_list.len > 1) {
1214 msg_warn("flag `D' requires %s_destination_recipient_limit = 1",
1215 service);
1216 return (reject_deliver_request(service, request, "4.3.5",
1217 "mail system configuration error"));
1218 }
1219
1220 /*
1221 * The recipient cannot appear in a Delivered-To: header.
1222 */
1223 else {
1224 DELIVERED_HDR_INFO *delivered_info = delivered_hdr_init(
1225 request->fp, request->data_offset, FOLD_ADDR_ALL);
1226 VSTRING *generic_rcpt = vstring_alloc(100);
1227 int have_delivered_loop;
1228
1229 smtp_rewrite_generic_internal(generic_rcpt,
1230 request->rcpt_list.info->address);
1231 have_delivered_loop = delivered_hdr_find(
1232 delivered_info, STR(generic_rcpt));
1233 vstring_free(generic_rcpt);
1234 delivered_hdr_free(delivered_info);
1235 if (have_delivered_loop) {
1236 return (reject_deliver_request(service, request, "5.4.6",
1237 "mail forwarding loop for %s",
1238 request->rcpt_list.info->address));
1239 }
1240 }
1241 }
1242
1243 /*
1244 * The O flag cannot be specified for multi-recipient deliveries.
1245 */
1246 if ((smtp_cli_attr.flags & SMTP_CLI_FLAG_ORIG_RCPT)
1247 && request->rcpt_list.len > 1) {
1248 msg_warn("flag `O' requires %s_destination_recipient_limit = 1",
1249 service);
1250 return (reject_deliver_request(service, request, "4.3.5",
1251 "mail system configuration error"));
1252 }
1253
1254 /*
1255 * Initialize. Bundle all information about the delivery request, so that
1256 * we can produce understandable diagnostics when something goes wrong
1257 * many levels below. The alternative would be to make everything global.
1258 */
1259 state = smtp_state_alloc();
1260 state->request = request;
1261 state->src = request->fp;
1262 state->service = service;
1263 state->misc_flags |= smtp_addr_pref;
1264 state->debug_peer_per_nexthop =
1265 debug_peer_check(request->nexthop, "noaddr");
1266 SMTP_RCPT_INIT(state);
1267
1268 /*
1269 * Establish an SMTP session and deliver this message to all requested
1270 * recipients. At the end, notify the postmaster of any protocol errors.
1271 * Optionally deliver mail locally when this machine is the best mail
1272 * exchanger.
1273 */
1274 result = smtp_connect(state);
1275
1276 /*
1277 * Clean up.
1278 */
1279 smtp_state_free(state);
1280
1281 return (result);
1282 }
1283
1284 /* smtp_service - perform service for client */
1285
smtp_service(VSTREAM * client_stream,char * service,char ** unused_argv)1286 static void smtp_service(VSTREAM *client_stream, char *service,
1287 char **unused_argv)
1288 {
1289 DELIVER_REQUEST *request;
1290 int status;
1291
1292 /*
1293 * This routine runs whenever a client connects to the UNIX-domain socket
1294 * dedicated to remote SMTP delivery service. What we see below is a
1295 * little protocol to (1) tell the queue manager that we are ready, (2)
1296 * read a request from the queue manager, and (3) report the completion
1297 * status of that request. All connection-management stuff is handled by
1298 * the common code in single_server.c.
1299 */
1300 if ((request = deliver_request_read(client_stream)) != 0) {
1301 status = deliver_message(service, request);
1302 deliver_request_done(client_stream, request, status);
1303 }
1304 }
1305
1306 /* post_init - post-jail initialization */
1307
post_init(char * unused_name,char ** argv)1308 static void post_init(char *unused_name, char **argv)
1309 {
1310 static const NAME_MASK lookup_masks[] = {
1311 SMTP_HOST_LOOKUP_DNS, SMTP_HOST_FLAG_DNS,
1312 SMTP_HOST_LOOKUP_NATIVE, SMTP_HOST_FLAG_NATIVE,
1313 0,
1314 };
1315 static const NAME_MASK dns_res_opt_masks[] = {
1316 SMTP_DNS_RES_OPT_DEFNAMES, RES_DEFNAMES,
1317 SMTP_DNS_RES_OPT_DNSRCH, RES_DNSRCH,
1318 0,
1319 };
1320 static const NAME_CODE dns_support[] = {
1321 SMTP_DNS_SUPPORT_DISABLED, SMTP_DNS_DISABLED,
1322 SMTP_DNS_SUPPORT_ENABLED, SMTP_DNS_ENABLED,
1323 #if (RES_USE_DNSSEC != 0) && (RES_USE_EDNS0 != 0)
1324 SMTP_DNS_SUPPORT_DNSSEC, SMTP_DNS_DNSSEC,
1325 #endif
1326 0, SMTP_DNS_INVALID,
1327 };
1328
1329 if (*var_smtp_dns_support == 0) {
1330 /* Backwards compatible empty setting */
1331 smtp_dns_support =
1332 var_disable_dns ? SMTP_DNS_DISABLED : SMTP_DNS_ENABLED;
1333 } else {
1334 smtp_dns_support =
1335 name_code(dns_support, NAME_CODE_FLAG_NONE, var_smtp_dns_support);
1336 if (smtp_dns_support == SMTP_DNS_INVALID)
1337 msg_fatal("invalid %s: \"%s\"", VAR_LMTP_SMTP(DNS_SUPPORT),
1338 var_smtp_dns_support);
1339 var_disable_dns = (smtp_dns_support == SMTP_DNS_DISABLED);
1340 }
1341
1342 #ifdef USE_TLS
1343 if (smtp_mode) {
1344 smtp_tls_insecure_mx_policy =
1345 tls_level_lookup(var_smtp_tls_insecure_mx_policy);
1346 switch (smtp_tls_insecure_mx_policy) {
1347 case TLS_LEV_MAY:
1348 case TLS_LEV_ENCRYPT:
1349 case TLS_LEV_DANE:
1350 break;
1351 default:
1352 msg_fatal("invalid %s: \"%s\"", VAR_SMTP_TLS_INSECURE_MX_POLICY,
1353 var_smtp_tls_insecure_mx_policy);
1354 }
1355 }
1356 #endif
1357
1358 /*
1359 * Select hostname lookup mechanisms.
1360 */
1361 if (smtp_dns_support == SMTP_DNS_DISABLED)
1362 smtp_host_lookup_mask = SMTP_HOST_FLAG_NATIVE;
1363 else
1364 smtp_host_lookup_mask =
1365 name_mask(VAR_LMTP_SMTP(HOST_LOOKUP), lookup_masks,
1366 var_smtp_host_lookup);
1367 if (msg_verbose)
1368 msg_info("host name lookup methods: %s",
1369 str_name_mask(VAR_LMTP_SMTP(HOST_LOOKUP), lookup_masks,
1370 smtp_host_lookup_mask));
1371
1372 /*
1373 * Session cache instance.
1374 */
1375 if (*var_smtp_cache_dest || var_smtp_cache_demand)
1376 #if 0
1377 smtp_scache = scache_multi_create();
1378 #else
1379 smtp_scache = scache_clnt_create(var_scache_service,
1380 var_scache_proto_tmout,
1381 var_ipc_idle_limit,
1382 var_ipc_ttl_limit);
1383 #endif
1384
1385 /*
1386 * Select DNS query flags.
1387 */
1388 smtp_dns_res_opt = name_mask(VAR_LMTP_SMTP(DNS_RES_OPT), dns_res_opt_masks,
1389 var_smtp_dns_res_opt);
1390
1391 /*
1392 * Address verification.
1393 */
1394 smtp_vrfy_init();
1395
1396 /*
1397 * Look up service command-line attributes; these do not change during
1398 * the process lifetime.
1399 */
1400 get_cli_attr(&smtp_cli_attr, argv);
1401
1402 /*
1403 * header_from format, for postmaster notifications.
1404 */
1405 smtp_hfrom_format = hfrom_format_parse(VAR_HFROM_FORMAT, var_hfrom_format);
1406 }
1407
1408 /* pre_init - pre-jail initialization */
1409
pre_init(char * unused_name,char ** unused_argv)1410 static void pre_init(char *unused_name, char **unused_argv)
1411 {
1412 int use_tls;
1413 static const NAME_CODE addr_pref_map[] = {
1414 INET_PROTO_NAME_IPV6, SMTP_MISC_FLAG_PREF_IPV6,
1415 INET_PROTO_NAME_IPV4, SMTP_MISC_FLAG_PREF_IPV4,
1416 INET_PROTO_NAME_ANY, 0,
1417 0, -1,
1418 };
1419
1420 /*
1421 * Turn on per-peer debugging.
1422 */
1423 debug_peer_init();
1424
1425 /*
1426 * SASL initialization.
1427 */
1428 if (var_smtp_sasl_enable)
1429 #ifdef USE_SASL_AUTH
1430 smtp_sasl_initialize();
1431 #else
1432 msg_warn("%s is true, but SASL support is not compiled in",
1433 VAR_LMTP_SMTP(SASL_ENABLE));
1434 #endif
1435
1436 if (*var_smtp_tls_level != 0)
1437 #ifdef USE_TLS
1438 switch (tls_level_lookup(var_smtp_tls_level)) {
1439 case TLS_LEV_SECURE:
1440 case TLS_LEV_VERIFY:
1441 case TLS_LEV_DANE_ONLY:
1442 case TLS_LEV_FPRINT:
1443 case TLS_LEV_ENCRYPT:
1444 var_smtp_use_tls = var_smtp_enforce_tls = 1;
1445 break;
1446 case TLS_LEV_DANE:
1447 case TLS_LEV_MAY:
1448 var_smtp_use_tls = 1;
1449 var_smtp_enforce_tls = 0;
1450 break;
1451 case TLS_LEV_NONE:
1452 var_smtp_use_tls = var_smtp_enforce_tls = 0;
1453 break;
1454 default:
1455 /* tls_level_lookup() logs no warning. */
1456 /* session_tls_init() assumes that var_smtp_tls_level is sane. */
1457 msg_fatal("Invalid TLS level \"%s\"", var_smtp_tls_level);
1458 }
1459 #endif
1460 use_tls = (var_smtp_use_tls || var_smtp_enforce_tls);
1461
1462 /*
1463 * Initialize the TLS data before entering the chroot jail
1464 */
1465 if (use_tls || var_smtp_tls_per_site[0] || var_smtp_tls_policy[0]) {
1466 #ifdef USE_TLS
1467 TLS_CLIENT_INIT_PROPS props;
1468
1469 tls_pre_jail_init(TLS_ROLE_CLIENT);
1470
1471 /*
1472 * We get stronger type safety and a cleaner interface by combining
1473 * the various parameters into a single tls_client_props structure.
1474 *
1475 * Large parameter lists are error-prone, so we emulate a language
1476 * feature that C does not have natively: named parameter lists.
1477 *
1478 * With tlsproxy(8) turned on, this is still needed for DANE-related
1479 * initializations.
1480 */
1481 smtp_tls_ctx =
1482 TLS_CLIENT_INIT(&props,
1483 log_param = VAR_LMTP_SMTP(TLS_LOGLEVEL),
1484 log_level = var_smtp_tls_loglevel,
1485 verifydepth = var_smtp_tls_scert_vd,
1486 cache_type = LMTP_SMTP_SUFFIX(TLS_MGR_SCACHE),
1487 chain_files = var_smtp_tls_chain_files,
1488 cert_file = var_smtp_tls_cert_file,
1489 key_file = var_smtp_tls_key_file,
1490 dcert_file = var_smtp_tls_dcert_file,
1491 dkey_file = var_smtp_tls_dkey_file,
1492 eccert_file = var_smtp_tls_eccert_file,
1493 eckey_file = var_smtp_tls_eckey_file,
1494 CAfile = var_smtp_tls_CAfile,
1495 CApath = var_smtp_tls_CApath,
1496 mdalg = var_smtp_tls_fpt_dgst);
1497 smtp_tls_list_init();
1498 tls_dane_loglevel(VAR_LMTP_SMTP(TLS_LOGLEVEL), var_smtp_tls_loglevel);
1499 #else
1500 msg_warn("TLS has been selected, but TLS support is not compiled in");
1501 #endif
1502 }
1503
1504 /*
1505 * Flush client.
1506 */
1507 flush_init();
1508
1509 /*
1510 * Session cache domain list.
1511 */
1512 if (*var_smtp_cache_dest)
1513 smtp_cache_dest = string_list_init(VAR_SMTP_CACHE_DEST,
1514 MATCH_FLAG_RETURN,
1515 var_smtp_cache_dest);
1516
1517 /*
1518 * EHLO keyword filter.
1519 */
1520 if (*var_smtp_ehlo_dis_maps)
1521 smtp_ehlo_dis_maps = maps_create(VAR_LMTP_SMTP(EHLO_DIS_MAPS),
1522 var_smtp_ehlo_dis_maps,
1523 DICT_FLAG_LOCK);
1524
1525 /*
1526 * PIX bug workarounds.
1527 */
1528 if (*var_smtp_pix_bug_maps)
1529 smtp_pix_bug_maps = maps_create(VAR_LMTP_SMTP(PIX_BUG_MAPS),
1530 var_smtp_pix_bug_maps,
1531 DICT_FLAG_LOCK);
1532
1533 /*
1534 * Generic maps.
1535 */
1536 if (*var_prop_extension)
1537 smtp_ext_prop_mask =
1538 ext_prop_mask(VAR_PROP_EXTENSION, var_prop_extension);
1539 if (*var_smtp_generic_maps)
1540 smtp_generic_maps =
1541 maps_create(VAR_LMTP_SMTP(GENERIC_MAPS), var_smtp_generic_maps,
1542 DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX
1543 | DICT_FLAG_UTF8_REQUEST);
1544
1545 /*
1546 * Header/body checks.
1547 */
1548 smtp_header_checks = hbc_header_checks_create(
1549 VAR_LMTP_SMTP(HEAD_CHKS), var_smtp_head_chks,
1550 VAR_LMTP_SMTP(MIME_CHKS), var_smtp_mime_chks,
1551 VAR_LMTP_SMTP(NEST_CHKS), var_smtp_nest_chks,
1552 smtp_hbc_callbacks);
1553 smtp_body_checks = hbc_body_checks_create(
1554 VAR_LMTP_SMTP(BODY_CHKS), var_smtp_body_chks,
1555 smtp_hbc_callbacks);
1556
1557 /*
1558 * Server reply filter.
1559 */
1560 if (*var_smtp_resp_filter)
1561 smtp_chat_resp_filter =
1562 dict_open(var_smtp_resp_filter, O_RDONLY,
1563 DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
1564
1565 /*
1566 * Address family preference.
1567 */
1568 if (*var_smtp_addr_pref) {
1569 smtp_addr_pref = name_code(addr_pref_map, NAME_CODE_FLAG_NONE,
1570 var_smtp_addr_pref);
1571 if (smtp_addr_pref < 0)
1572 msg_fatal("bad %s value: %s", VAR_LMTP_SMTP(ADDR_PREF),
1573 var_smtp_addr_pref);
1574 }
1575
1576 /*
1577 * DNS reply filter.
1578 */
1579 if (*var_smtp_dns_re_filter)
1580 dns_rr_filter_compile(VAR_LMTP_SMTP(DNS_RE_FILTER),
1581 var_smtp_dns_re_filter);
1582 }
1583
1584 /* pre_accept - see if tables have changed */
1585
pre_accept(char * unused_name,char ** unused_argv)1586 static void pre_accept(char *unused_name, char **unused_argv)
1587 {
1588 const char *table;
1589
1590 if ((table = dict_changed_name()) != 0) {
1591 msg_info("table %s has changed -- restarting", table);
1592 exit(0);
1593 }
1594 }
1595
1596 MAIL_VERSION_STAMP_DECLARE;
1597
1598 /* main - pass control to the single-threaded skeleton */
1599
main(int argc,char ** argv)1600 int main(int argc, char **argv)
1601 {
1602 char *sane_procname;
1603
1604 #include "smtp_params.c"
1605 #include "lmtp_params.c"
1606
1607 /*
1608 * Fingerprint executables and core dumps.
1609 */
1610 MAIL_VERSION_STAMP_ALLOCATE;
1611
1612 /*
1613 * XXX At this point, var_procname etc. are not initialized.
1614 *
1615 * The process name, "smtp" or "lmtp", determines the protocol, the DSN
1616 * server reply type, SASL service information lookup, and more. Prepare
1617 * for the possibility there may be another personality.
1618 */
1619 sane_procname = sane_basename((VSTRING *) 0, argv[0]);
1620 if (strcmp(sane_procname, "smtp") == 0)
1621 smtp_mode = 1;
1622 else if (strcmp(sane_procname, "lmtp") == 0)
1623 smtp_mode = 0;
1624 else
1625 /* TODO: logging is not initialized. */
1626 msg_fatal("unexpected process name \"%s\" - "
1627 "specify \"smtp\" or \"lmtp\"", var_procname);
1628
1629 /*
1630 * Initialize with the LMTP or SMTP parameter name space.
1631 */
1632 single_server_main(argc, argv, smtp_service,
1633 CA_MAIL_SERVER_TIME_TABLE(smtp_mode ?
1634 smtp_time_table : lmtp_time_table),
1635 CA_MAIL_SERVER_INT_TABLE(smtp_mode ?
1636 smtp_int_table : lmtp_int_table),
1637 CA_MAIL_SERVER_STR_TABLE(smtp_mode ?
1638 smtp_str_table : lmtp_str_table),
1639 CA_MAIL_SERVER_BOOL_TABLE(smtp_mode ?
1640 smtp_bool_table : lmtp_bool_table),
1641 CA_MAIL_SERVER_NBOOL_TABLE(smtp_mode ?
1642 smtp_nbool_table : lmtp_nbool_table),
1643 CA_MAIL_SERVER_PRE_INIT(pre_init),
1644 CA_MAIL_SERVER_POST_INIT(post_init),
1645 CA_MAIL_SERVER_PRE_ACCEPT(pre_accept),
1646 CA_MAIL_SERVER_BOUNCE_INIT(VAR_SMTP_DSN_FILTER,
1647 &var_smtp_dsn_filter),
1648 0);
1649 }
1650